I had a script that used openssl to encrypt/decrypt messages using the
des-ede3-cfb cipher and noticed in the log entries that there was a
message that wouldn't decrypt.  I do not know the contents of the message
or the length (I'd guess it was more than 1000 bytes), but I did some
investigation on it and thought that maybe the length of the message had
something to do with it.  I wrote up a script to test out different
message lengths (from 1-1000 bytes) and it failed at lengths 46 and 47.  
I tried it with different keys, message content, ciphers, and machines
(all of which were x86 based and had openssl compiled from the source) but
it always fails at lengths 46 and 47 when any of the feedback ciphers were
used in base64 mode.

Here is the command-line you can use to try it out:

len=46; enc=des-ede3-cfb; perl -e "print 'a' x $len;" | openssl $enc -e -a \
  -kfile test.key | openssl $enc -d -a -kfile test.key

For len=46 or len=47, nothing is output.  For other values, the expected
number of a's is output.  Without the -a flag, 46 and 47 work fine.  I'm
not sure what other values will cause this problem, but I'm sure there are
others.

I've tried it with versions 0.9.3a and 0.9.4 with the same results.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
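
A length sweep of the kind the post describes, written here as an added example (it is not the poster's script or OpenSSL project code). The function names and the ENC, KEYFILE and RUN_SWEEP variables are assumptions of this example; the default pipeline is the one from the post.

```shell
#!/bin/sh
# Added example: push payloads of increasing length through an
# encrypt/decrypt round trip and report every length that does not
# come back byte for byte.

# Default round trip: the pipeline from the post. ENC and KEYFILE are
# assumptions of this example; their defaults are the post's values.
openssl_roundtrip() {
    openssl "${ENC:-des-ede3-cfb}" -e -a -kfile "${KEYFILE:-test.key}" |
        openssl "${ENC:-des-ede3-cfb}" -d -a -kfile "${KEYFILE:-test.key}"
}

# make_payload LEN: write LEN bytes of 'a' to stdout, no trailing newline.
make_payload() {
    head -c "$1" /dev/zero | tr '\0' 'a'
}

# failing_lengths MIN MAX [ROUNDTRIP_FN]
# Prints, space separated, each length in MIN..MAX for which ROUNDTRIP_FN
# (a filter reading stdin, writing stdout) fails to reproduce its input.
failing_lengths() {
    fl_min=$1 fl_max=$2 fl_fn=${3:-openssl_roundtrip}
    fl_dir=$(mktemp -d) || return 1
    fl_bad=""
    fl_n=$fl_min
    while [ "$fl_n" -le "$fl_max" ]; do
        make_payload "$fl_n" > "$fl_dir/in"
        # A non-zero exit, empty output and truncated output all count
        # as failures; cmp checks the bytes, not only the length.
        if "$fl_fn" < "$fl_dir/in" > "$fl_dir/out" 2>/dev/null &&
           cmp -s "$fl_dir/in" "$fl_dir/out"; then
            :
        else
            fl_bad="$fl_bad $fl_n"
        fi
        fl_n=$((fl_n + 1))
    done
    rm -rf "$fl_dir"
    echo "${fl_bad# }"
}

# Run the post's 1-1000 sweep only on request: RUN_SWEEP=1 sh sweep.sh
if [ "${RUN_SWEEP:-0}" = 1 ]; then
    echo "failing lengths: $(failing_lengths 1 1000)"
fi
```

Setting ENC to another cipher name, or passing a different filter function as the third argument (for example one without -a), repeats the comparison the post makes between base64 and raw mode.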